SECURITY DISCUSSION FORUMS

SANS INTERNET STORM CENTER

SANS Institute’s Internet Storm Center maps changes in Trojan and other virus traffic worldwide. Tracking such changes provides a possible way of anticipating major connectivity disruptions of the Internet infrastructure.

VIRUS INFORMATION TOOLS compliments of TrendMicro & Symantec

READ THIS FINE PRINT: I am providing these monitors and links as a courtesy and service to site visitors. I have no relationship with TrendMicro or Symantec. Any information that you provide them after clicking one of the links below is subject to that site’s privacy policies, not my own. In other words: This looks good to me, but use your own judgment in accessing or acting on this information, over which I have no control.

SECURITY LINKS

General Information

A sound basis for personal computer security rests on the following five points:

User education. The best security measures begin on the space-bar side of your keyboard. Equip yourself with basic security information. (Start with the links on this present page.)

Security patches & other critical Windows and MS Office updates. Be sure you are up-to-date on security patches. Microsoft rolls out new patches (when warranted) on the second Tuesday of every month. On current versions of Windows, you can set your computer to automatically notify you of any new Windows updates; otherwise, check manually on the second Wednesday of every month. Install all CRITICAL UPDATES immediately — the risk of a rare bad update is much less than the security risk of not installing.

Antivirus protection. A top-grade anti-virus program, with frequently updated virus definition files, running in real time should be basic to every computer in use today.

Firewall protection. Every PC with Internet access should have either a hardware firewall in place or a personal firewall installed and running. It should be bidirectional, tracking both outbound and inbound traffic.

Microsoft never distributes software directly through email!
If you receive an e-mail that claims to contain software from Microsoft, do not open the attachment. The safest course of action is to delete the mail altogether. If you would like to take additional action, report the e-mail to the sender’s Internet Service Provider. Most ISPs provide an “abuse” userid for this purpose.

Microsoft Security Essentials
Start here — for a fast online assessment of how secure your computer is, plus recommendations on how to make it more secure.

Microsoft Malware Protection Center
Current top malware threats of many types, information on the most recent Windows Defender definitions, access to Malicious Software Removal Tool, and more.

Home Computer Security
An amazing collection of useful information by CERT. Just look at the table of contents!

Gibson Research Corp.
Steve Gibson is a professional security consultant, so he’d like your business, too. But he’s also a security activist, with several articles & free utilities, some of considerable interest.

Secure Password Generator
From WinGuides. One important part of personal security is a password nobody can guess. This site will generate them for you.

Help: I Got Hacked. Now What Do I Do?
by Jesper M. Johansson, Microsoft Security Program Manager. Discusses how truly vulnerable your machine still may be even after recovering from a malware assault. Serious stuff to think about.

Wilders Security Forums
A leading security-related forum answering questions on just about every area of the subject. A major resource and community for security-minded professionals and other computer users.

Notification Services

Calendar of Updates
An ingenious idea by MS-MVP Donna Buenaventura — an online calendar of scheduled updates and other releases for a vast range of security-related products.
It is also a source for some of the more important breaking security-related news. (Apparently there is also an opt-in change-notification service, but I haven’t found it yet.)

US-CERT – National Cyber Alert System
CERT, partnered with the U.S. Department of Homeland Security’s National Cyber Security Division, provides cyber security alerts on this site, including an opt-in email notification service.

Leading Vulnerabilities

RootKits

RootKits, as MS-MVP Harry Waldron puts it, are a type of “Super Spyware”. They affect both Windows and Linux operating systems, hide themselves, impact the OS kernel directly, and usually carry a more serious secondary payload. I will use this section to gather information and industry thoughts about this emerging threat.